GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,174

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

410 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)... Moderate Unreviewed

CVE-2023-28124 was published Apr 19, 2023

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE... Moderate Unreviewed

CVE-2023-29054 was published Apr 11, 2023

Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote... High Unreviewed

CVE-2023-27389 was published Apr 11, 2023

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for... Moderate Unreviewed

CVE-2023-22271 was published Mar 22, 2023

An improper access control vulnerability exists prior to v6 that could allow an attacker to break... High Unreviewed

CVE-2023-23911 was published Mar 11, 2023

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed

CVE-2022-45141 was published Mar 7, 2023

Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed

CVE-2022-43460 was published Feb 13, 2023

SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version... Moderate Unreviewed

CVE-2022-34385 was published Feb 11, 2023

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A... Moderate Unreviewed

CVE-2022-34445 was published Feb 11, 2023

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows... High Unreviewed

CVE-2023-21443 was published Feb 9, 2023

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers... High Unreviewed

CVE-2023-21444 was published Feb 9, 2023

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could... Moderate Unreviewed

CVE-2022-43922 was published Feb 1, 2023

An unauthorized user with network access and the decryption key could decrypt sensitive data,... High Unreviewed

CVE-2022-38469 was published Jan 18, 2023

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed

CVE-2021-40341 was published Jan 6, 2023

Certain General Electric Renewable Energy products have inadequate encryption strength. This... Critical Unreviewed

CVE-2022-24116 was published Dec 26, 2022

When viewing an email message A, which contains an attached message B, where B is encrypted or... Moderate Unreviewed

CVE-2022-1520 was published Dec 22, 2022

In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is... High Unreviewed

CVE-2022-38659 was published Dec 19, 2022

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open... Low Unreviewed

CVE-2022-46825 was published Dec 8, 2022

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up... Moderate Unreviewed

CVE-2022-4036 was published Nov 29, 2022

The application was signed using a key length less than or equal to 1024 bits, making it... High Unreviewed

CVE-2020-4099 was published Nov 1, 2022

The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named ... Moderate Unreviewed

CVE-2022-3206 was published Oct 17, 2022

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method... Moderate Unreviewed

CVE-2022-41209 was published Oct 12, 2022

An entity in Network Configuration Manager product is misconfigured and exposing password field... Moderate Unreviewed

CVE-2021-35226 was published Oct 11, 2022

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse... Moderate Unreviewed

CVE-2022-3433 was published Oct 11, 2022

In affected versions of Octopus Server it was identified that the same encryption process was... Moderate Unreviewed

CVE-2022-2781 was published Oct 6, 2022

Previous 1…5…17 Next

Previous 1 2 3 4 5 6 7 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

410 advisories